Threat actors began targeting a recently patched BeyondTrust vulnerability shortly after a proof-of-concept (PoC) exploit was released.

Attackers have not waited for Exploit Wednesday; the Microsoft Windows zero-day attacks have already started. Here’s what you need to know and do.

CISA has expanded its KEV catalog with new SolarWinds, Notepad++, and Apple flaws, including two exploited as zero-days.

CISA ordered federal agencies on Thursday to secure their systems against a critical Microsoft Configuration Manager vulnerability patched in October 2024 and now exploited in attacks.

These 4 critical AI vulnerabilities are being exploited faster than defenders can respond ...

A hacking campaign took just days to exploit a newly disclosed security vulnerability in Microsoft Windows version of WinRAR, ...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is seeing active exploits related to the ConnectWise ScreenConnect vulnerability that was reported earlier last week. Vulnerabilities ...

Apply fixes within a few hours or face the music, say the pros What good is a fix if you don't use it? Experts are urging security teams to patch promptly as vulnerability exploits now account for the ...

Thousands of sites running WordPress remain unpatched against a critical security flaw in a widely used plugin that was being actively exploited in attacks that allow for unauthenticated execution of ...

Public-facing instances of ProjectSend, an open-source file-sharing web application, have been exploited by attackers, according to vulnerability intelligence provider VulnCheck. ProjectSend was ...

Mass exploitation began over the weekend for yet another critical vulnerability in widely used VPN software sold by Ivanti, as hackers already targeting two previous vulnerabilities diversified, ...

Volt Typhoon Hackers Exploit Zero-Day Vulnerability in Versa Director Servers Used by MSPs, ISPs Your email has been sent Volt Typhoon, a Chinese state-sponsored hacking group, has been caught ...